-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ralf Mardorf wrote: > Gustin Johnson wrote: >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> <snip> >> There are a couple of comments that I have. >> >> First, most of the anti-virus applications that I have tried do not work >> with the 64bit versions of a given distro. Clam is the only one I have >> tried that seems to install and run reliably. YMMV. >> > > Avira AntiVir 2 is fine on my 64 Studio 2.1 64bit. AntiVir 3 seems to > become more Windows like :(. > >> Second, is that I question the utility of AV, especially on a Linux >> based DAW. It is not that I do not believe in the danger of virii, it >> is just that I do not believe that most AV products actually work and >> are just wasted cycles. >> > > As I have written, I don't use it with a daemon that scans all the time, > only if I got files from the web I scan them manually, especially before > I forward files to Windows users or before I use files with my own > Windows install. > I don't share executables, and most of the files I do share are documents and media files. I guess I just don't see the point.
Of course you are free to make whatever choices you like. >> To illustrate, whenever I come across a virus in the wild (about a >> couple of times a month with my clients), I upload a sample to >> virustotal.com, which then scans that sample with 40 of the most popular >> scanners. A lot of the time less than 20% of the products successfully >> detect the virus, and almost never do the popular ones (Symantec, CA, >> Avast, AVG and Clam) ever succeed. Btw, it is trivial to take an >> infected file and make it appear clean to all 40 scanners used by >> virustotal. It takes less than a couple of minutes if you know what you >> are doing, and about 30 minutes if you don't. >> >> The point is that I would not trust a file even if an AV product said it >> was clean. > > Unfortunately you are right, the new virus from today will be detected > by a scanner the day after tomorrow. We only can scan single files > completely and maybe wait 2 or 3 days before we use those files, without > having any guarantee. > This is also a myth. There is no such thing as a 3 day window. Some of virii I find were originally released in 2005. All that has been done is to them is a repack and a change in the CnC host. Malware hidden in things like PDFs and images are very rarely detected as well. Anyway, there is no substitute for the educated user, who evaluates his or risks. Of course this is a lot of work, and the majority of users do not do this (~12% of people still click on spam links), but it is what it is. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkpt95oACgkQwRXgH3rKGfOhdgCgr2pCKHVurN1z2Cnx21HXDQbG 9T8An3mB/vGglJ0r86LBRFQYM+liRD6T =B6ga -----END PGP SIGNATURE----- _______________________________________________ 64studio-users mailing list [email protected] http://lists.64studio.com/mailman/listinfo/64studio-users
